Labnario Huawei From Scratch
As there are not many tests’ results of Huawei equipment, I decided to share this article with you.
Please visit our Huawei From Scratch community to read it.
from Huawei CLI – fixdisk
I’ve had only one case when I used this command and … full success.
Sometimes it can happen that the file system doesn’t work properly. When you run dir command, you can find the space, which usage status is unknown. The system prompts you that the file system should be restored. Then you can run fixdisk command to release the unknown space.
Notice that:
- It is not recommended to use it when the file system works correctly.
- It doesn’t help when physical medium is damaged.
- Do not use it when CPU usage is high.
Lost chains in flash detected, please use fixdisk to recover them! <labnario>fixdisk flash: Fixdisk flash: will take long time if needed %Fixdisk flash: completed.Read More »
Huawei eNSP – news
A new Huawei network simulator eNSP has been released.
You can download it clicking on the picture below:
Anyway, the first version of Huawei eNSP was introduced one year ago. I would like to know your opinions about the simulator. What is your experience with it? Is it helpful of useless for you? Feel free to express you thoughts.
Read More »local PBR on Huawei AR routers
Some time ago I wrote about interface policy-based routing PBR. Today I will show you example of local PBR configuration on Huawei AR routers. Local PBR allows you to forward packets through different interfaces or to different hops. Unlike interface PBR, local PBR is used for locally generated packets and classifies packets based on source addresses or packet lengths.
Let’s look at the topology and configure as follows:
- Locally generated ICMP packets (with the size of 70-1300 bytes) will be sent to next hop IP address 172.16.0.2.
- Locally generated ICMP packets (with the size of 1301-1500 bytes) will be sent to outbound interface GE0/0/1.
Configure IP addresses and static routes to ensure connectivity between loopback interfaces of both routers:
# sysname labnario_1 # interface GigabitEthernet0/0/0 ip address 172.16.0.1 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 10.1.1.1 255.255.255.0 # interface LoopBack0 ip address 1.1.1.1 255.255.255.255 # ip route-static 2.2.2.2 255.255.255.255 10.1.1.2 ip route-static 2.2.2.2 255.255.255.255 172.16.0.2 # # sysname labnario_2 # interface GigabitEthernet0/0/0 ip address 172.16.0.2 255.255.255.0 # interface GigabitEthernet0/0/1 ip address 10.1.1.2 255.255.255.0 # interface NULL0 # interface LoopBack0 ip address 2.2.2.2 255.255.255.255 # ip route-static 1.1.1.1 255.255.255.255 10.1.1.1 ip route-static 1.1.1.1 255.255.255.255 172.16.0.1
Configure PBR on labnario_1:
[labnario_1]policy-based-route test permit node 1 [labnario_1-policy-based-route-test-1] if-match packet-length 70 1300 [labnario_1-policy-based-route-test-1] apply ip-address next-hop 172.16.0.2 [labnario_1-policy-based-route-test-1]quit [labnario_1]policy-based-route test permit node 2 [labnario_1-policy-based-route-test-2] if-match packet-length 1301 1500 [labnario_1-policy-based-route-test-2] apply output-interface GigabitEthernet0/0/1 [labnario_1-policy-based-route-test-2]
Enable local PBR on labnario_1:
[labnario_1]ip local policy-based-route test
Reset counters on GE 0/0/0 and 0/0/1 of labnario_1:
<labnario_1>reset counters interface GigabitEthernet 0/0/0 Info: Reset successfully. <labnario_1>reset counters interface GigabitEthernet 0/0/1 Info: Reset successfully. <labnario_1>
On labnario_1, ping the IP address of Loopback0 on labnario_2 and set the packet length to 90 bytes:
<labnario_1>ping -c 50 -m 100 -s 90 2.2.2.2
--- 2.2.2.2 ping statistics ---
50 packet(s) transmitted
50 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/25/300 ms
Let’s check statistic of both GE interfaces of labnario_1:
<labnario_1>dis interface GigabitEthernet 0/0/0
GigabitEthernet0/0/0 current state : UP
Line protocol current state : UP
Last line protocol up time : 2013-08-29 15:09:53 UTC-05:13
Description:HUAWEI, AR Series, GigabitEthernet0/0/0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 172.16.0.1/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc03-c010
Last physical up time : 2013-08-29 15:09:53 UTC-05:13
Last physical down time : 2013-08-29 15:09:26 UTC-05:13
Current system time: 2013-08-29 16:43:49-05:13
Port Mode: COMMON COPPER
Speed : 0, Loopback: NONE
Duplex: HALF, Negotiation: DISABLE
Mdi : AUTO
Last 300 seconds input rate 176 bits/sec, 0 packets/sec
Last 300 seconds output rate 176 bits/sec, 0 packets/sec
Input peak rate 7504 bits/sec,Record time: 2013-08-29 15:21:13
Output peak rate 7280 bits/sec,Record time: 2013-08-29 15:21:13
Input: 50 packets, 6800 bytes
Unicast: 50, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 50 packets, 6600 bytes
Unicast: 50, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0%
Output bandwidth utilization : 0%
<labnario_1>dis interface GigabitEthernet 0/0/1
GigabitEthernet0/0/1 current state : UP
Line protocol current state : UP
Last line protocol up time : 2013-08-29 15:09:53 UTC-05:13
Description:HUAWEI, AR Series, GigabitEthernet0/0/1 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 10.1.1.1/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc03-c011
Last physical up time : 2013-08-29 15:09:53 UTC-05:13
Last physical down time : 2013-08-29 15:09:26 UTC-05:13
Current system time: 2013-08-29 16:43:57-05:13
Port Mode: COMMON COPPER
Speed : 0, Loopback: NONE
Duplex: HALF, Negotiation: DISABLE
Mdi : AUTO
Last 300 seconds input rate 0 bits/sec, 0 packets/sec
Last 300 seconds output rate 0 bits/sec, 0 packets/sec
Input peak rate 5784 bits/sec,Record time: 2013-08-29 15:19:32
Output peak rate 5768 bits/sec,Record time: 2013-08-29 15:19:32
Input: 0 packets, 0 bytes
Unicast: 0, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 0 packets, 0 bytes
Unicast: 0, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0%
Output bandwidth utilization : 0%
Repeat the same for packets of 1400 bytes:
<labnario_1>ping -c 50 -m 100 -s 1400 2.2.2.2
--- 2.2.2.2 ping statistics ---
50 packet(s) transmitted
50 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/22/90 ms
<labnario_1>dis interface GigabitEthernet 0/0/0
GigabitEthernet0/0/0 current state : UP
Line protocol current state : UP
Last line protocol up time : 2013-08-29 15:09:53 UTC-05:13
Description:HUAWEI, AR Series, GigabitEthernet0/0/0 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 172.16.0.1/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc03-c010
Last physical up time : 2013-08-29 15:09:53 UTC-05:13
Last physical down time : 2013-08-29 15:09:26 UTC-05:13
Current system time: 2013-08-29 16:48:29-05:13
Port Mode: COMMON COPPER
Speed : 0, Loopback: NONE
Duplex: HALF, Negotiation: DISABLE
Mdi : AUTO
Last 300 seconds input rate 176 bits/sec, 0 packets/sec
Last 300 seconds output rate 176 bits/sec, 0 packets/sec
Input peak rate 7504 bits/sec,Record time: 2013-08-29 15:21:13
Output peak rate 7280 bits/sec,Record time: 2013-08-29 15:21:13
Input: 50 packets, 6800 bytes
Unicast: 50, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 50 packets, 6600 bytes
Unicast: 50, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0%
Output bandwidth utilization : 0%
<labnario_1>dis interface GigabitEthernet 0/0/1
GigabitEthernet0/0/1 current state : UP
Line protocol current state : UP
Last line protocol up time : 2013-08-29 15:09:53 UTC-05:13
Description:HUAWEI, AR Series, GigabitEthernet0/0/1 Interface
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 10.1.1.1/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc03-c011
Last physical up time : 2013-08-29 15:09:53 UTC-05:13
Last physical down time : 2013-08-29 15:09:26 UTC-05:13
Current system time: 2013-08-29 16:48:34-05:13
Port Mode: COMMON COPPER
Speed : 0, Loopback: NONE
Duplex: HALF, Negotiation: DISABLE
Mdi : AUTO
Last 300 seconds input rate 1928 bits/sec, 0 packets/sec
Last 300 seconds output rate 1920 bits/sec, 0 packets/sec
Input peak rate 41640 bits/sec,Record time: 2013-08-29 16:48:34
Output peak rate 40376 bits/sec,Record time: 2013-08-29 16:48:34
Input: 50 packets, 72300 bytes
Unicast: 50, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0
CRC: 0, Giants: 0
Jabbers: 0, Throttles: 0
Runts: 0, Symbols: 0
Ignoreds: 0, Frames: 0
Output: 50 packets, 72100 bytes
Unicast: 50, Multicast: 0
Broadcast: 0, Jumbo: 0
Discard: 0, Total Error: 0
Collisions: 0, ExcessiveCollisions: 0
Late Collisions: 0, Deferreds: 0
Input bandwidth utilization threshold : 100.00%
Output bandwidth utilization threshold: 100.00%
Input bandwidth utilization : 0%
Output bandwidth utilization : 0%
As you can see, which next hop or outbound interface is chosen depends on the length of locally generated packet. Packets with other lengths are routed based on destination addresses.
Read More »from Huawei CLI – “arp-ping”
I have never used it but it looks interesting. Arp-ping lets us to check whether a specified IP address or MAC address is being used in a LAN. Intrigued, I opened Huawei eNSP simulator to check this feature. Results are not fully satisfied. As arp-ping IP works correctly, I cannot say the same about arp-ping MAC. There are some problems with communication between router and hosts. It looks like router does not receive ICMP Echo Reply packets from hosts in the LAN. I checked the same between router and switch “labnario_SW2″. Results look promising. Let’s pass on to the lab.
Labnario_RT config:
# vlan batch 100 200 # interface Vlanif100 ip address 10.0.0.100 255.255.255.0 # interface Ethernet0/0/0 port link-type trunk port trunk allow-pass vlan 100 # interface GigabitEthernet0/0/1 ip address 172.16.0.100 255.255.255.0
Labnario_SW2 config:
# vlan batch 100 # interface Vlanif100 ip address 10.0.0.1 255.255.255.0 # interface Ethernet0/0/1 port link-type trunk port trunk allow-pass vlan 100
Labnario_SW1 works as Hub.
And an essence of our lab:
<labnario_RT>arp-ping ip 172.16.0.2 ARP-Pinging 172.16.0.2: 172.16.0.2 is used by 5489-98cf-8104
From the captured packets we can see how arp-ping IP works. It sends ARP Request packet. A host or routing device, that uses this IP address in the LAN, returns an ARP Reply packet. Then the sender compares the IP address specified in arp-ping command with the source IP address carried in the ARP reply packet. In case the 2 IP addresses are the same, a MAC address of the host is displayed. Somebody can say that we can do the same using common ping. Yes, you can, but what if ICMP is being blocked on a firewall? ARP is L2 protocol and is helpful in such case.
Let’s look what happens if requested IP address in not available in the LAN:
<labnario_RT>arp-ping IP 172.16.0.15 ARP-Pinging 172.16.0.15: Error: Request timed out. Error: Request timed out. Error: Request timed out. Info: The IP address is not used by anyone!
The sender displays a message indicating that the IP address is not used in the LAN.
Now we can check arp-ping MAC command for hosts and routing device (labnario_SW2). Notice that arp-ping MAC uses ICMP:
<labnario_RT>arp-ping mac 5489-98cf-8104 ?
IP_ADDR Specified local LAN in which to find
interface Specified the outgoing interface
<labnario_RT>arp-ping mac 5489-98cf-8104 172.16.0.0
LANIP: 172.16.0.0 MAC[54-89-98-CF-81-04], press CTRL_C to break
Error: Request timed out.
Error: Request timed out.
Error: Request timed out.
----- ARP-Ping MAC statistics -----
3 packet(s) transmitted
0 packet(s) received
MAC[54-89-98-CF-81-04] not be used
As I mentioned at the beginning of this post, hosts in the LAN do not send ICMP Echo Reply packets. Let’s look at captured packets:
Now check the same for a routing device:
<labnario_RT>arp-ping mac 4c1f-cc24-2720 10.0.0.0
LANIP: 10.0.0.0 MAC[4C-1F-CC-24-27-20], press CTRL_C to break
----- ARP-Ping MAC statistics -----
1 packet(s) transmitted
1 packet(s) received
IP ADDRESS MAC ADDRESS
10.0.0.1 4C-1F-CC-24-27-20
And captured packets:
Unlike for hosts, it works correctly for routing device. You can check it on your real devices. ARP-ping should work as expected.
Read More »